Privacy Policy

Last updated: 9 July 2026

Linguin is operated by Surfy Ltd, a company registered in England and Wales (company number 15026168), registered office at 14-2e Docklands Business Centre, 10-16 Tiller Road, London, E14 8PX, United Kingdom. When this policy says we, it means Surfy Ltd.

Linguin is built to need as little of your data as possible. This page explains what we collect, why, and what happens to it.

What we collect

Your email address. It is your account. You sign in with a one-time code sent to it, there are no passwords. We use it for sign-in codes and for replies you ask for, never for marketing lists.

Your content. Words you save, exercises, Talk conversations, and your learning progress are stored so the product works. They are private to your account.

Lookups. When you look up a word that isn't in the dictionary yet, the dictionary generates an entry for it. Entries are public, but they contain only the word and its description. Nothing about you or your account is attached to them.

Billing records. Payments are handled by Stripe. Card details go to Stripe directly and never touch our servers. We store the transaction history and a Stripe customer reference so your billing page can show your statement.

API usage. If you use the Linguin API, we store your keys hashed, and a log of your requests with their cost, so balance and reports work.

Technical logs. Standard server logs (IP address, browser type) are kept for security and troubleshooting. Visit counts are aggregated internally. We use no third-party analytics, no ad trackers, and no tracking pixels.

How your text is processed

Text you submit for lookups, translations, and Talk is sent to the AI infrastructure we run on (currently Cerebras) to generate your answer. It is used to produce the result you asked for, nothing else.

Cookies and browser storage

We use no tracking cookies. Your browser's local storage keeps your session and settings on your device.

Sharing

We never sell your data. It leaves our servers only to the processors named above (Stripe for payments, our AI infrastructure for generation, our email provider for sign-in codes), or if the law requires it.

Where your data lives

Our servers are hosted by ReliableSite in the United States, in the New York metro area, so your data is stored there. UK GDPR still governs how we handle it, wherever it sits.

Family accounts

A family plan owner adds members by email. If a member is a minor, the owner confirms they are the parent or guardian and consents on their behalf.

Retention and deletion

Your data is kept while your account is active. Write to us on the contacts page to delete your account, and we will remove it along with your content. Billing records are kept as long as accounting law requires. Server logs are short-lived.

Your rights

You can ask us what we hold about you, request a copy, correct it, or have it deleted. The contacts page is the way in for all of it. If you are unhappy with how we handled something, you can also complain to the UK Information Commissioner's Office at ico.org.uk.

Changes

When this policy changes, the new version appears here with a new date.

Look up word or phrase...